AirPort's AirPlay private key cracked

The private key used to secure AirPlay wireless media streams has been cracked, enabling third-party hardware and software to play iTunes content.

By
Ben Camm-Jones
| 11 Apr 11

Coder James Laird has reverse-engineered Apple's AirPort to create - wait for it - ShairPort, a way of playing iTunes content on third-party hardware and software.

Laird said that he created ShairPort out of frustration when an AirPort Express unit stopped working, leaving him unable to use the AirPlay media-streaming feature.

"My girlfriend moved house, and her Airport Express no longer made it with her wireless access point. I figured it'd be easy to find an ApEx emulator - there are several open source apps out there to play to them," Laird wrote on his blog.

But due to the AirPort Express' built-in cryptography system Laird had to physically take the device apart to access the private key required to enable third-party apps to run over AirPlay.

"I was disappointed to find that Apple used a public-key crypto scheme, and there's a private key hiding inside the ApEx. So I took it apart (I still have scars from opening the glued case!), dumped the ROM, and reverse engineered the keys out of it," he said.

There are a number of bugs in the release, Laird said, including one that makes it incompatible with the Mac OS version of iTunes, though it does work with Windows.